XSStrike
XSStrike copied to clipboard
False Positive Issue...
I used XSStrike on a website with this command:
XSStrike generated the following output: XSStrike v4.0.0 [!] Testing parameter: srule [!] Reflections found: 2 [~] Analysing reflections [~] Generating payloads [!] Payloads generated: 24
[+] Payload: %0daUtOFOCUS%0donfoCUs=(prompt)`` [!] Efficiency: 100 [!] Confidence: 8 [?] Would you like to continue scanning? [y/N]
I am unable to exploit the all the 24 payloads.
XSStrike generated the following output: XSStrike v4.0.0
[!] Testing parameter: cgid [!] Reflections found: 3 [~] Analysing reflections [~] Generating payloads [!] Payloads generated: 1536 [~] Progress: 297/1536
[+] Payload: <html%0aonmouseoVer%0a=%0aa=prompt,a()%0dx// [!] Efficiency: 91 [!] Confidence: 10
Is this a false positive?
If i am doing wrong please guide the procesure to exploit it.
Thank You